{"api_version":"1","generated_at":"2026-04-23T07:48:27+00:00","cve":"CVE-2022-2127","urls":{"html":"https://cve.report/CVE-2022-2127","api":"https://cve.report/api/cve/CVE-2022-2127.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-2127","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-2127"},"summary":{"title":"CVE-2022-2127","description":"An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-07-20 15:15:00","updated_at":"2024-01-30 16:15:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:7139","name":"RHSA-2023:7139","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 38 Update: samba-4.18.5-0.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/security/cve/CVE-2022-2127","name":"https://access.redhat.com/security/cve/CVE-2022-2127","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5477","name":"https://www.debian.org/security/2023/dsa-5477","refsource":"MISC","tags":[],"title":"Debian -- Security Information -- DSA-5477-1 samba","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2024:0423","name":"RHSA-2024:0423","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.samba.org/samba/security/CVE-2022-2127.html","name":"https://www.samba.org/samba/security/CVE-2022-2127.html","refsource":"MISC","tags":[],"title":"Samba - Security Announcement Archive","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2024:0580","name":"RHSA-2024:0580","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:6667","name":"RHSA-2023:6667","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230731-0010/","name":"https://security.netapp.com/advisory/ntap-20230731-0010/","refsource":"MISC","tags":[],"title":"July 2023 Samba Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","refsource":"MISC","tags":[],"title":"2222791 – (CVE-2022-2127) CVE-2022-2127 samba: out-of-bounds read in winbind AUTH_CRAP","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 37 Update: samba-4.17.10-0.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-2127","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2127","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"12.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2127","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"samba","cpe5":"samba","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-2127","qid":"161079","title":"Oracle Enterprise Linux Security Update for samba (ELSA-2023-6667)"},{"cve":"CVE-2022-2127","qid":"161138","title":"Oracle Enterprise Linux Security Update for samba (ELSA-2023-7139)"},{"cve":"CVE-2022-2127","qid":"199593","title":"Ubuntu Security Notification for Samba Vulnerabilities (USN-6238-1)"},{"cve":"CVE-2022-2127","qid":"242329","title":"Red Hat Update for samba security (RHSA-2023:6667)"},{"cve":"CVE-2022-2127","qid":"242428","title":"Red Hat Update for samba security (RHSA-2023:7139)"},{"cve":"CVE-2022-2127","qid":"242787","title":"Red Hat Update for samba (RHSA-2024:0580)"},{"cve":"CVE-2022-2127","qid":"242852","title":"Red Hat Update for samba (RHSA-2024:0423)"},{"cve":"CVE-2022-2127","qid":"284336","title":"Fedora Security Update for samba (FEDORA-2023-76c06c8576)"},{"cve":"CVE-2022-2127","qid":"284369","title":"Fedora Security Update for samba (FEDORA-2023-bcd91bfcd3)"},{"cve":"CVE-2022-2127","qid":"355878","title":"Amazon Linux Security Advisory for samba : ALAS2023-2023-316"},{"cve":"CVE-2022-2127","qid":"356750","title":"Amazon Linux Security Advisory for samba : ALAS2-2023-2367"},{"cve":"CVE-2022-2127","qid":"356781","title":"Amazon Linux Security Advisory for samba : ALAS-2023-1896"},{"cve":"CVE-2022-2127","qid":"379622","title":"Alibaba Cloud Linux Security Update for evolution-mapi (ALINUX3-SA-2024:0037)"},{"cve":"CVE-2022-2127","qid":"6000221","title":"Debian Security Update for samba (DSA 5477-1)"},{"cve":"CVE-2022-2127","qid":"6000543","title":"Debian Security Update for samba (DSA 5647-1)"},{"cve":"CVE-2022-2127","qid":"673521","title":"EulerOS Security Update for samba (EulerOS-SA-2023-2907)"},{"cve":"CVE-2022-2127","qid":"673550","title":"EulerOS Security Update for samba (EulerOS-SA-2023-3157)"},{"cve":"CVE-2022-2127","qid":"673600","title":"EulerOS Security Update for samba (EulerOS-SA-2023-2869)"},{"cve":"CVE-2022-2127","qid":"673784","title":"EulerOS Security Update for samba (EulerOS-SA-2023-3229)"},{"cve":"CVE-2022-2127","qid":"673831","title":"EulerOS Security Update for samba (EulerOS-SA-2023-2852)"},{"cve":"CVE-2022-2127","qid":"673954","title":"EulerOS Security Update for samba (EulerOS-SA-2023-2888)"},{"cve":"CVE-2022-2127","qid":"674025","title":"EulerOS Security Update for samba (EulerOS-SA-2023-3194)"},{"cve":"CVE-2022-2127","qid":"691226","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for samba (441e1e1a-27a5-11ee-a156-080027f5fec9)"},{"cve":"CVE-2022-2127","qid":"710873","title":"Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202402-28)"},{"cve":"CVE-2022-2127","qid":"754194","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:2888-1)"},{"cve":"CVE-2022-2127","qid":"754195","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:2887-1)"},{"cve":"CVE-2022-2127","qid":"754222","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:3017-1)"},{"cve":"CVE-2022-2127","qid":"754225","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:3060-1)"},{"cve":"CVE-2022-2127","qid":"754284","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:3358-1)"},{"cve":"CVE-2022-2127","qid":"755893","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:2929-1)"},{"cve":"CVE-2022-2127","qid":"755894","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:2930-1)"},{"cve":"CVE-2022-2127","qid":"941384","title":"AlmaLinux Security Update for samba (ALSA-2023:6667)"},{"cve":"CVE-2022-2127","qid":"941423","title":"AlmaLinux Security Update for samba (ALSA-2023:7139)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-2127","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Out-of-bounds Read","cweId":"CWE-125"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"samba","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"4.17.10","status":"unaffected"},{"version":"4.16.11","status":"unaffected"},{"version":"4.18.5","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"0:4.18.6-100.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"0:4.18.6-100.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 6","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}}]}},{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Storage 3","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/errata/RHSA-2023:6667","refsource":"MISC","name":"https://access.redhat.com/errata/RHSA-2023:6667"},{"url":"https://access.redhat.com/security/cve/CVE-2022-2127","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2022-2127"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/"},{"url":"https://security.netapp.com/advisory/ntap-20230731-0010/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230731-0010/"},{"url":"https://www.debian.org/security/2023/dsa-5477","refsource":"MISC","name":"https://www.debian.org/security/2023/dsa-5477"},{"url":"https://www.samba.org/samba/security/CVE-2022-2127.html","refsource":"MISC","name":"https://www.samba.org/samba/security/CVE-2022-2127.html"}]},"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-07-20 15:15:00","lastModifiedDate":"2024-01-30 16:15:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.2,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16.0","versionEndExcluding":"4.16.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17.0","versionEndExcluding":"4.17.9","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.18.0","versionEndExcluding":"4.18.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}